<?php

namespace api\controllers;

use yii\filters\auth\HttpBearerAuth;
use yii\helpers\ArrayHelper;
use yii\rest\ActiveController;
use yii\web\NotFoundHttpException;
use Yii;
/**
 * @author iron
 * @email weiriron@gmail.com
 */
class CommonController extends ActiveController
{

    public $searchModel;

    public function behaviors()
    {
        return ArrayHelper::merge(parent::behaviors(), [
            'authenticatior' => [
                'class' => HttpBearerAuth::className(),
                'except' => [],
            ]
        ]);
    }

    public function actions()
    {
        $action = parent::actions();
        unset($action['create']);
        unset($action['update']);
        unset($action['index']);
        return $action;
    }

    protected function getFilter()
    {
        return [];
    }

    public function checkAccess($action, $model = null, $params = [])
    {
        if ($model && isset($model->user_id) && $model->user_id !== Yii::$app->user->getId()) {
            switch ($action) {
                case 'view':
                    $message = '您无权访问该数据';
                    break;
                case 'delete':
                    $message = '您无权删除该数据';
                    break;
                default:
                    $message = '无相关权限';
            }
            throw new NotFoundHttpException($message);
        }
    }
}